Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vh5JUwdYAJWDuhDXrKRadBVriEg.roa
File:                     vh5JUwdYAJWDuhDXrKRadBVriEg.roa (raw, json)
Hash identifier:          rdqkmoPnbmH8z2Uza8M3LIGV0iEW4BxfhpXpGet+OHI=
Subject key identifier:   BE:1E:49:53:07:58:00:95:83:BA:10:D7:AC:A4:5A:74:15:6B:88:48
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018B3E64F8D89424F7A70C51FB10E8336E55
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vh5JUwdYAJWDuhDXrKRadBVriEg.roa
Signing time:             Tue 17 Oct 2023 16:08:06 +0000
ROA not before:           Tue 17 Oct 2023 16:08:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     46450
IP address blocks:        89.213.154.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:3e:64:f8:d8:94:24:f7:a7:0c:51:fb:10:e8:33:6e:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Oct 17 16:08:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=be1e49530758009583ba10d7aca45a74156b8848
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:9f:09:5f:e5:cd:8a:e6:85:b2:9a:73:d8:d0:
                    9d:de:a7:dc:4c:37:68:67:8d:d7:a4:75:64:9d:f3:
                    60:2d:ac:b1:af:0f:87:10:5b:46:9b:21:9d:bf:c8:
                    6f:0b:f7:04:9b:40:45:c6:30:a7:14:e9:f6:60:19:
                    43:50:90:72:f5:5a:cf:e8:7b:75:97:01:f2:a5:51:
                    ec:cb:57:ce:0d:e0:87:e7:e0:ed:b9:33:90:b2:c3:
                    b0:9b:96:dc:04:37:9b:84:d3:67:76:c7:d7:91:ab:
                    28:26:09:18:af:cb:3a:aa:7c:e4:5a:7b:77:32:42:
                    7b:7d:10:55:f7:0b:61:29:e6:49:0c:f5:07:6b:c2:
                    f7:34:b6:c1:ac:d9:20:37:91:c9:48:8e:4a:cd:74:
                    79:18:7f:46:63:d8:e8:b2:23:d8:46:ee:7c:a7:25:
                    0f:77:9a:f1:bf:bd:67:09:4f:f7:49:02:9a:ab:77:
                    3b:ab:d0:a6:39:de:4b:94:15:b3:a3:ed:20:e2:8d:
                    ae:9c:97:a1:e3:c3:11:c0:02:11:bd:0d:c3:ae:af:
                    b7:d4:9c:7a:90:fa:89:b2:fc:08:ad:e7:89:2c:68:
                    58:b1:68:26:92:af:ca:ed:3e:1f:04:6f:ca:de:b4:
                    ae:6d:83:e9:d1:ea:13:0e:a5:8e:7f:0e:d0:02:41:
                    7e:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:1E:49:53:07:58:00:95:83:BA:10:D7:AC:A4:5A:74:15:6B:88:48
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vh5JUwdYAJWDuhDXrKRadBVriEg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.154.0/24

    Signature Algorithm: sha256WithRSAEncryption
         39:4a:75:98:48:b6:65:ab:3b:65:75:80:54:7c:8d:e1:ae:b2:
         bb:d8:c2:b2:65:ab:3e:27:37:94:d2:ab:d9:21:e6:9e:1f:53:
         e3:dc:d2:3d:54:fe:a6:ad:cc:1c:7a:8e:60:db:5d:1b:68:ff:
         bd:73:3c:e7:c6:4c:ca:0e:1b:16:6e:ce:2c:b3:a8:b4:75:ad:
         1a:a9:55:44:b5:68:7a:7c:f9:8e:95:27:59:d3:48:8c:e2:b2:
         61:31:79:0e:57:e2:5f:30:39:c4:3c:fa:53:ed:e7:b1:1f:6f:
         43:1c:ad:da:27:a6:2b:5b:8b:c7:05:1e:70:a6:22:5b:00:1e:
         71:c4:9c:12:79:ff:83:e5:d6:46:91:f9:98:b8:41:23:21:05:
         f2:e1:05:96:24:81:ae:ec:f9:51:c8:d2:31:1c:8d:2d:d5:b2:
         12:45:64:9a:ed:90:b5:d9:3d:35:e1:ad:06:9d:6f:46:91:d1:
         91:81:15:51:3d:26:be:9d:36:9e:65:8d:76:f4:48:56:f5:fe:
         ee:21:e5:8c:df:58:52:a6:ad:7e:0f:26:17:69:ab:12:2d:95:
         b5:fd:3e:17:1d:5f:db:b7:94:76:88:95:9e:57:4d:0d:53:48:
         5e:0a:ee:0b:05:fa:74:4f:40:a9:67:35:43:a7:0b:ea:cc:8d:
         aa:6a:68:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYs+ZPjYlCT3pwxR+xDoM25VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMDE3MTYwODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTFlNDk1MzA3NTgwMDk1ODNiYTEwZDdhY2E0NWE3NDE1NmI4ODQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA458JX+XNiuaFsppz2NCd3qfcTDdo
Z43XpHVknfNgLayxrw+HEFtGmyGdv8hvC/cEm0BFxjCnFOn2YBlDUJBy9VrP6Ht1
lwHypVHsy1fODeCH5+DtuTOQssOwm5bcBDebhNNndsfXkasoJgkYr8s6qnzkWnt3
MkJ7fRBV9wthKeZJDPUHa8L3NLbBrNkgN5HJSI5KzXR5GH9GY9josiPYRu58pyUP
d5rxv71nCU/3SQKaq3c7q9CmOd5LlBWzo+0g4o2unJeh48MRwAIRvQ3Drq+31Jx6
kPqJsvwIreeJLGhYsWgmkq/K7T4fBG/K3rSubYPp0eoTDqWOfw7QAkF+jQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL4eSVMHWACVg7oQ16ykWnQVa4hIMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdmg1SlV3ZFlBSldEdWhEWHJLUmFkQlZyaUVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWaMA0G
CSqGSIb3DQEBCwUAA4IBAQA5SnWYSLZlqztldYBUfI3hrrK72MKyZas+JzeU0qvZ
IeaeH1Pj3NI9VP6mrcwceo5g210baP+9czznxkzKDhsWbs4ss6i0da0aqVVEtWh6
fPmOlSdZ00iM4rJhMXkOV+JfMDnEPPpT7eexH29DHK3aJ6YrW4vHBR5wpiJbAB5x
xJwSef+D5dZGkfmYuEEjIQXy4QWWJIGu7PlRyNIxHI0t1bISRWSa7ZC12T014a0G
nW9GkdGRgRVRPSa+nTaeZY129EhW9f7uIeWM31hSpq1+DyYXaasSLZW1/T4XHV/b
t5R2iJWeV00NU0heCu4LBfp0T0CpZzVDpwvqzI2qamg1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org